﻿using SysHelper;
using SysHelper.Attributes;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace SysController._Filters
{
    public class LoginValidateAttribute : System.Web.Mvc.AuthorizeAttribute
    {
        #region 验证方法 - 在 ActionExcuting过滤器之前执行
        /// <summary>
        /// 验证方法 - 在 ActionExcuting过滤器之前执行
        /// </summary>
        /// <param name="filterContext"></param>
        public override void OnAuthorization(System.Web.Mvc.AuthorizationContext filterContext)
        {
            string strArea = filterContext.RouteData.DataTokens.Keys.Contains("area") ? filterContext.RouteData.DataTokens["area"].ToString().ToLower() : "home";
            List<string> listAreaLimite = new List<string>() { "orders", "product", "home" };
            if (!string.IsNullOrEmpty(strArea) && listAreaLimite.Contains(strArea))
            { 
                if (!DoesSkip<SkipAttribute>(filterContext))
                {
                    bool isLogin = false;
                    if (!DoesSkip<SkipLoginAttribute>(filterContext))
                    {
                        #region 1.验证用户是否登陆(Session && Cookie)
                        isLogin = OperateContext.CurrentContext.IsLogin();
                        if (!isLogin)
                        {
                            filterContext.Result = OperateContext.CurrentContext.Redirect("/Home/Login", filterContext.ActionDescriptor);
                        }
                        #endregion
                    } 
                    if (isLogin && !DoesSkip<SkipPemissionAttribute>(filterContext))
                    {
                        #region //2.验证登陆用户 是否有访问该页面的权限 
                        string strAreaName = strArea == "home" ? "home" : filterContext.RouteData.DataTokens["area"].ToString().ToLower();
                        string strContrllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName.ToLower();
                        string strActionName = filterContext.ActionDescriptor.ActionName.ToLower();
                        string strHttpMethod = filterContext.HttpContext.Request.HttpMethod;

                        if (!OperateContext.CurrentContext.IsPemission(strAreaName, strContrllerName, strActionName, strHttpMethod))
                        {
                            filterContext.Result = OperateContext.CurrentContext.Redirect("/Home/Login", filterContext.ActionDescriptor); 
                        }
                        #endregion
                    }
                }
            } 
        }
        #endregion

        #region 是否跳过验证  -bool DoesSkip<T>(System.Web.Mvc.AuthorizationContext filterContext) where T : Attribute
        /// <summary>
        /// 是否跳过验证
        /// </summary>
        /// <typeparam name="T"></typeparam>
        /// <param name="filterContext"></param>
        /// <returns></returns>
        bool DoesSkip<T>(System.Web.Mvc.AuthorizationContext filterContext) where T : Attribute
        {
            if (!filterContext.ActionDescriptor.IsDefined(typeof(T), false) && !filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(T), false))
            {
                return false;
            }
            return true;
        } 
        #endregion
    }
}
